Could Obamacare be boon for identity thieves?

A handful of states have begun to roll out awareness campaigns about the Affordable Care Act this summer, but state and federal outreach efforts are expected to become more active after Labor Day.

Analysts say they face a double-barreled challenge in trying to get the word out. First, making people understand how insurance coverage will work. Secondly, building trust in so-called Obamacare.

"Trust is a critical element, because people in general are confused," said Jon Kingsdale, a managing director of Wakely Consulting Group, who served as the executive director of the Massachusetts Health Connector when the Bay State launched its universal health insurance program in 2006.

"Insurance is incredibly complex. Most people don't get it, let alone the Affordable Care Act," he explained, adding that the complicating factor for the Obama administration and the states this fall is that the law remains unpopular. A recent Kaiser tracking poll found 43 percent of Americans still view Obamacare unfavorably.

"There is a lot of political controversy around the Affordable Care Act," Kingsdale said.

In Washington, the administration has been under increasing pressure to defend the integrity of the federal insurance exchange, the online gateway through which Americans in more than 30 states will sign up for health coverage and will determine whether they qualify for government tax credits to help pay for their premiums.

With less than 90 days until the start of open enrollment, the exchange infrastructure is still being built and there are concerns the system will not be ready in time for October. A recent report from the General Accounting Office (GAO) raised doubts about the tight deadline for implementation.

During a hearing last week, members of the House Oversight Committee grilled officials from the Centers for Medicare and Medicaid Services (CMS) about the status of security and privacy controls being built into the infrastructure of the federal system.

"I would say with regards to privacy and security we're probably about 80 percent," Chao admitted, but assured the congressman that privacy controls would be at 100 percent functionality by October.

Sensitive data

Millions of Americans will be asked to provide quite a bit of sensitive personal data in order to sign up for insurance coverage under Obamacare, including their social security numbers and income tax information. Even supporters of the law, are raising concerns that this fall's enrollment period is fraught with opportunities for fraud and abuse.

"We've been urging our benefits exchange to make sure there are comprehensive enough consumer protections in place, to make sure that fraudsters don't get into this market," said California Insurance Commissioner Dave Jones.

The commissioner has been especially concerned about the recruitment and screening of new workers, so-called navigators, who will be involved in helping people literally navigate the process of applying for insurance coverage.

The navigator system is built into the Obamacare outreach process, and the federal and state exchanges are expected to enlist tens of thousands of of new workers. In California, the state's exchange is expected to hire 21,000 of these workers to help enroll an expected 2 million new uninsured residents.

"We've convinced Covered California, our health benefits exchange, to adopt a system of fingerprinting background checks, some minimal training and certification," said Jones, "but we believe they should go further."

The insurance commissioner is urging his state's exchange officials to establish oversight of the navigator program and establish penalties for those who commit fraud.

Eva Velasquez, CEO of the Identity Theft Resource Center, worries states aren't doing enough to prevent online fraud when it comes to their exchange websites. She believes fraudsters and identity thieves are already gearing up to exploit the confusion around enrollment season.

"We've already noticed in paid searches there are websites coming up that have nothing to do with Obamacare," she said.

Velasquez said each state exchange will have a different name, and she expects identity thieves will use websites posing as legitimate portals and phishing emails that may look like official government enrollment messages in order to trick people into providing their personal information.

"This is going to be a situation where consumers feel compelled to respond to emails because of the law," she said, alluding to the Obamacare individual mandate requiring people to obtain insurance.

Velasquez points out that years after Congress required the credit reporting industry to provide consumers with free credit reports through the site annualcreditreport.com, many Americans still wind up on copycat sites, which are actually aimed at selling them subscriptions for the service which they are entitled to for free.

"We don't think the insurance exchanges are going to be immune to this behavior," she said. "And we aren't aware of any measures or mechanisms in place that would address this."

In a statement, officials with the New York state health exchange said they will emphasize to consumers that they should only apply for coverage with navigators, insurance brokers and counselors who are officially recognized and certified, when they roll out their awareness campaign this fall.

Yet even if states establish safeguards, Jones expects identity thieves will be out in force during Obamacare enrollment this fall.

"Whenever you have such a large number of people coming into the market, there is the opportunity that they'll be taken advantage of," he said.